L2TP IPSec Configuration Page - McAfee SG310 Administration Manual

UTM Firewall

VPN menu features
L2TP VPN Server
6. Select the Required Encryption Level. Access is denied to remote users attempting to connect without using this encryption level. Using Strong Encryption (MPPE 128 Bit) is recommended.
7. Select the Authentication Database. This allows you to indicate where the list of valid clients can be found. You can select from the following options:
• Local — Use the local database defined on the Local Users tab of the Users page. You must enable the L2TP Access option for the individual users that are allowed L2TP access.
• RADIUS — Use an external RADIUS server as defined on the RADIUS tab of the Users page.
• TACACS+ — Use an external TACACS+ server as defined on the TACACS+ tab of the Users page.
For details on adding user accounts for PPTP access, and configuring the UTM Firewall appliance to enable authentication against a RADIUS or TACACS+ server, see Users menu.
8. Enter the desired value of the Maximum Transmission Unit (MTU) for the L2TP interfaces into the L2TP MTU field.
• Default: 1400
9. Click Submit.

L2TP IPSec Configuration page

Use the L2TP IPSec configuration page (Figure 255) to create an IPSec tunnel for use with L2TP.
Authentication is performed using x.509 certificates or a preshared secret. You can add a single shared secret tunnel for all remote clients authenticating using shared secrets, an x.509 certificate tunnel for each remote client authenticating using certificates, or both.
• Select Shared Secret Tunnel to use a common secret (passphrase) that is shared between the UTM Firewall appliance and the remote client. This authentication method is relatively simple to configure, and relatively secure.
• Select x.509 Certificate Tunnel to use x.509 certificates to authenticate the remote client against a Certificate Authority's (CA) certificate. The CA certificate must have signed the local certificates that are used for tunnel authentication. Certificates need to be uploaded to the UTM Firewall appliance before a tunnel can be configured to use them. For instructions, see Adding a certificate for use with IPSec. This authentication method is more difficult to configure, but very secure.
Figure 255 L2TP IPSec Configuration page
L2TP Server IPSec Details — If the authentication method is x.509 certificates, this column shows the distinguished name of the remotely connecting device.
Status — Click the linked text to view more details about the status, as shown in Figure 256. Click Refresh to update the current status.
McAfee UTM Firewall 4.0.4 Administration Guide
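A pre-upload check for the x.509 Certificate Tunnel requirement above, that the CA certificate must have signed the certificate used for tunnel authentication. This is an added example, not taken from the McAfee guide; it assumes the OpenSSL command-line tool (1.1.0 or later), and the function names, file names and subjects are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-upload check for an x.509 tunnel certificate.
# All names, subjects and files below are constructed for illustration.

# check_tunnel_cert CA_PEM CERT_PEM
# Succeeds only if CERT_PEM chains to CA_PEM (system trust store excluded)
# and has not expired; prints the subject DN on success.
check_tunnel_cert() {
    ca=$1; cert=$2
    openssl verify -no-CApath -CAfile "$ca" "$cert" >/dev/null 2>&1 || {
        echo "REJECT: $cert is not signed by $ca" >&2; return 1; }
    openssl x509 -in "$cert" -noout -checkend 0 >/dev/null || {
        echo "REJECT: $cert has expired" >&2; return 1; }
    openssl x509 -in "$cert" -noout -subject
}

# make_demo_pki DIR
# Builds a throwaway CA, a client certificate signed by it, and an
# unrelated self-signed certificate that reuses the client's CN.
make_demo_pki() {
    d=$1
    cat > "$d/demo.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF
    openssl req -x509 -config "$d/demo.cnf" -newkey rsa:2048 -nodes \
        -subj "/O=Example Corp/CN=Demo CA" -days 30 \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null &&
    openssl req -new -config "$d/demo.cnf" -newkey rsa:2048 -nodes \
        -subj "/O=Example Corp/CN=remote-client" \
        -keyout "$d/client.key" -out "$d/client.csr" 2>/dev/null &&
    openssl x509 -req -in "$d/client.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
        -CAcreateserial -days 30 -out "$d/client.pem" 2>/dev/null &&
    openssl req -x509 -config "$d/demo.cnf" -newkey rsa:2048 -nodes \
        -subj "/O=Unknown/CN=remote-client" -days 30 \
        -keyout "$d/other.key" -out "$d/other.pem" 2>/dev/null
}
```

The subject line printed on success is the distinguished name that the L2TP Server IPSec Details column is described as showing for certificate tunnels.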
VPN.


This manual is also suitable for: SG560, SG560U, SG565, SG580